Security in the forum

[Guest]

[Martin.H]

You're dealing with internet-security?
Why do you send me my password in an unsecure email if I don't ask you for this???
Can't you imagine that I don't use a seperate password for each forum?
We're living in 2007 and the internet wasn't made up yesterday.
If you got such obvious security-problems, I don't want to think about what's happening with the rest of my personal data on your servers.

Best regards
Bye

[ganda]

i think this guy is more paranoid than me 

[pierceive]

I just came here to post exactly what the OP said. Sending passwords in cleartext is a great indicator of a complete lack of security (and I generally try to avoid doing business with any such sites). This has nothing to do with paranoia; it is a huge security risk to any and all users. There is no reason that my password should be stored anywhere but in my head or in an encrypted database.

[CGPMaster]

i think this guy is more paranoid than me 

I agree, lol... but also i see, The Reason for being such Hiped up by just a forum password....So Much info you can get ....idk  -cg

[ganda]

I just came here to post exactly what the OP said. Sending passwords in cleartext is a great indicator of a complete lack of security (and I generally try to avoid doing business with any such sites). This has nothing to do with paranoia; it is a huge security risk to any and all users. There is no reason that my password should be stored anywhere but in my head or in an encrypted database.

it's just forum password, we shouldn't use single password for forum,email, and internet banking. who wants to steal a forum password anyway 

[gordon]

Many boards send you your password by e-mail, f.ex if you forgot it, as a service..
usually they also tell you that the first thing you should do is change it ! ..
.. over SSL (HTTPS) of course
and you shouldn't be using the same password for multiple accounts because there are punks who try to steal passwords and/or crack accounts, God knows why ...

By default EVERYTHING you send over the internet is in clear-text
and can be read by anyone with access to the wires, that's just how networking was designed ..
E-mails are like a postcard, all you need to read them is access .

You can use GPG  http://www.gnupg.org/
to encrypt your E-mail but it requires that sender and receiver both have it installed
and it requires key-management,passphrases etc etc ..

Theres a GPG-extension for Thunderbird available,
it works very well and is relatively simple to set up
https://addons.mozilla.org/en-US/thunderbird/addon/71

Use a password-manager like KeePass  http://keepass.info/
it also has a password-generator,that way you can have unique log-ins for each account
and only need to remember one master-password .
Your log-ins are stored in a 256bit AES encrypted database .

   
 

 

[andyman35]

Many boards send you your password by e-mail, f.ex if you forgot it, as a service..
usually they also tell you that the first thing you should do is change it ! ..
.. over SSL (HTTPS) of course
and you shouldn't be using the same password for multiple accounts because there are punks who try to steal passwords and/or crack accounts, God knows why ...

By default EVERYTHING you send over the internet is in clear-text
and can be read by anyone with access to the wires, that's just how networking was designed ..
E-mails are like a postcard, all you need to read them is access .

You can use GPG  http://www.gnupg.org/
to encrypt your E-mail but it requires that sender and receiver both have it installed
and it requires key-management,passphrases etc etc ..

Theres a GPG-extension for Thunderbird available,
it works very well and is relatively simple to set up
https://addons.mozilla.org/en-US/thunderbird/addon/71

Use a password-manager like KeePass  http://keepass.info/
it also has a password-generator,that way you can have unique log-ins for each account
and only need to remember one master-password .
Your log-ins are stored in a 256bit AES encrypted database .

   
 

 

<<<Uses Opera which has a highly secure password manager built in 

[Tags:]